[Snyk] Fix for 1 vulnerabilities

[gregswindle]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: generator-license

The new version differs by 70 commits.

• 4c18cc3 5.6.0
• d7ec46c Revert package version back to 5.5.0
• cd83289 Merge pull request #126 from jozefizso/node20
• 9cd138f Fix audit issue with `semver` package
• a5b6690 Update `eslint` and `prettier` packages
• e9913fb Update `jest` package
• d921a4b Add NodeJS v20 to the build matrix
• dccf817 Remove the `coveralls` package as it is not maintained anymore
• 2625543 Update `yeoman-generator` package to v5.9.0
• 4831095 Remove support for NodeJS v14
• 52e4926 Fix typo in code sample
• 9fb515b Show latest package version
• d31fc3e Run build only for `main` branch
• fd69b03 Update package description.
• 24adac0 Report code coverage to coveralls.io (#123)
• b6e96ea Hack: fix path to source code files in `lcov.info` before sending data to coveralls.io
• 41e2c78 Upload coverage report as artifact
• 2190465 Report code coverage to coveralls.io
• 3192ca5 generator-license maintenance (#121)
• 012d4a6 Use `npm audit fix` to fix vulnerable packages #120
• 24aa049 Remove unused `lint-staged` package
• fe89c6a Update `eslint` packages
• 9e93d76 Update `prettier` package
• 66c310d Update `jest` and `coveralls` packages

See the full diff

Package name: generator-node

The new version differs by 13 commits.

• ddd83c8 v2.4.0
• d6ad8eb Update Yarn lockfile
• c7c85e3 Update dependencies (#278)
• 129c233 Add support for scoped package (Fix #272) (#275)
• fd50d93 Setup coverage output in the terminal
• 4fec892 Replace deprecated prepublish by prepublishOnly (#271)
• 32f1c96 Correct opencollective badge
• 80e7e9c Update README.md (#270)
• e1260dc Bump dependencies
• a791156 Update the generator/git to ES6 Class (#269)
• ad88f00 Bump dependencies
• ad67e66 2.3.0
• 5c4e722 [Feature] Adding Pre-commit hook and Prettier (#267)

See the full diff

Package name: markdown-magic

The new version differs by 149 commits.

• 7540da8 test: update tests
• 9af1508 chore: ignore
• 9471da2 chore: deps
• 3db74fa refactor: add md parser
• 16cab24 refactor: remove old files
• 8cdcd7a refactor: enable write file
• 78c361a refactor: update cli
• fa851ae update for v2
• a20640b refactor: clean up code
• 9e149dd refactor: update imports
• 4f87071 refactor: update file updater
• cfba912 refactor: push various updates & add notes for more transforms
• f59426d refactor: update fs utils
• 806e4e0 add globrex
• 410118c refactor: add dedent util
• cef6962 refactor: update cli
• d0eb49f refactor: update block parser
• 11397ce refactor: update options parser
• 41803a8 remove travis
• 29937f8 feat: add regex with timeout util
• 0fbb598 test: move tests
• e2d7a2c chore: remove old deps
• 13cc181 chore: import
• cbe919f refactor: update main lib

See the full diff

Package name: yeoman-generator

The new version differs by 250 commits.

• 5e59844 6.0.0
• 4296f50 6.0.0-rc.6
• b224faa fix typo
• 7f1f8e1 allow to customize queueTransformStream priority
• 0eb085f 6.0.0-rc.5
• 232587e Run own or immediately extended beforeQueue (#1475)
• 1938e71 Bump actions/checkout from 3 to 4 (#1473)
• 2d8b8b1 Bump execa from 7.1.1 to 8.0.1 (#1469)
• 5b729fe Bump read-pkg-up from 9.1.0 to 10.1.0 (#1470)
• 465aea2 6.0.0-rc.4
• df635f1 Fix composeLocallyWithOptions with a factory
• 7e6b0c0 6.0.0-rc.3
• 5291e9c allow to ignore 'This Generator is empty' error
• 454b3ec Bump c8 from 7.13.0 to 8.0.0 (#1457)
• 077c6e9 6.0.0-rc.2
• 02e6785 don't emit error at environment, environment's queueTask to handle failures.
• a75dbf8 6.0.0-rc.1
• 7fa5597 replace lodash with lodash-es
• fbae307 use TestAdapter from @ yeoman/adapter
• 580ba5c add spawn/spawnSync
• 66fd6be bump got package
• 9428e88 Revert "disable spawn-command test due to got package bug."
• 1d2889d make test compatible with environment 4
• 1a11e03 6.0.0-rc.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.